Re: IP Spoofing with DHCP ?

[Bryce Walter <brycewalter () HOTMAIL COM>]

Why in the heck would anybody ever do authentication based upon IP address
in a DHCP environment?  Security issues aside, this would be completely
pointless and ineffective.  While the IP address of a given computer tends
to stabilize out and will usually keep renewing the same IP address, an
Admin will know that there will be enough IP changes over time that he won't
want to go down that path.  Anytime a user's IP address changes and is
subsequently locked out of something will result in a phone call that
eventually lands on his desk.  As far as what you propose, yeah if you find
a DHCP network thats relying on IP address for authentication, that attack
would work in theory.

But if you have a network admin that doesn't see a problem with that
environment, chances are there will be security gaps in the network at every
turn.

> Hi I have a question concerning the DHCP protocol. I've heard that
> this protocol could allow a user to choose he's own IP address if it
> isn't already assigned to another user. I was wondering if a network
> using DHCP to assign IP addresses and authenticating users upon
> their IP address could lead to a breach (i know authentication upon
> IP address has never been a good security) but in theory would it be
> possible for an attacant to DoS a user's box and then spoof his IP
> before the ping timeout in order to be authentified as the user ?
>
> Thanks for the help

_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at
http://profiles.msn.com.